Re: gnome-keyring Question about ACL per storage item
- From: Anders Rundgren <anders rundgren telia com>
- To: Elena Reshetova <elena reshetova gmail com>
- Cc: gnome-keyring-list gnome org
- Subject: Re: gnome-keyring Question about ACL per storage item
- Date: Mon, 24 Oct 2011 11:56:45 +0200
On 2011-10-24 10:01, Elena Reshetova wrote:
Hi Elena,
<snip>
> I am not sure we have such an advance requirements to "issue" keys with ACL
> attached, but I think we would be satisfied by just be able to separate
> keys, certificates and secrets usage and access (these are two different
> things) between different applications on the platform.
This is depending on what the "target audience is.
I'm personally not targeting security people but consumers
who do not generally care about security. If you for example
download a "payment app" from your bank, the bank want to
be assured that only that app can use the "payment key".
Unless the payment app has its own keystore, you need some
way to attach an "app-ID" to an ACL to the on-line provisioned
payment key.
I expect this to become a standard feature in mobile OSes.
A "standard" is though less likely since there is no SDO
(standards developing organization) that seems prepared
taking on such a difficult task. I also believe that
it might affect the OS-platform itself in order to be
realistic. As Stef mentioned, Virtual Machine languages
introduce additional issues since they are layered.
Best regards,
Anders
>
> Best Regards,
> Elena.
>
>
> On Thu, Oct 20, 2011 at 11:12 PM, Anders Rundgren <anders rundgren telia com
>> wrote:
>
>> Hi Elena,
>> The question you ask has been raised before by me.
>> I also think this is a *very* valid requirement and I'm (pretty) sure it
>> will be a standard feature in Windows 8.
>>
>> Unfortunately it seems that the Linux world lacks the product management
>> and resource coordination needed for making this happen anyway soon.
>> Stef Walter is doing a fantastic job but there are limits to what one
>> person can accomplish.
>>
>> Anyway, fixing the keyring won't get you far; you need to be able to
>> *issue* keys with ACLs attached and that part is horribly lagging not only
>> in Linux but in most systems.
>>
>> FWIW, I'm running such an effort but I'm (at least) as resource-constrained
>> as Stef so it surely doesn't go fast. In addition, I need to get my stuff
>> into browsers and that is *really* difficult. Not technically, but
>> politically.
>>
>> BTW, trusted application is already a part of the Google wallet. How they
>> accomplish this is currently not described. The crypto chip is
>> NDA-protected as well :-(
>>
>> Anders
>> http://webpki.org/auth-token-4-the-cloud.html
>>
>>
>> On 2011-10-20 09:17, Elena Reshetova wrote:
>>
>> Hi,
>>
>> I have been studying different solutions available in Linux for securely
>> storing certificates, keys and other credentials and one of the solutions I
>> am going through is Gnome Keyring.
>> I saw that it used to have ACL per item in the storage, where one can
>> specify basic read/write/delete rules and identify application (or
>> applications?) that is allowed to use the item. However, this functionality
>> is now marked deprecated and I could not find explanations for such
>> decision.
>>
>> The use case I am interested in is very simple. I am as a user would like
>> to be able to control what of my secrets are accessible to which
>> applications on the system. Because I may have very different applications
>> installed on my system and not trust each of them in the same way. For
>> example, I may have two different key pairs for signing my emails, one for
>> corporate emails and one for personal. Similarly I may be forced to use two
>> different mail clients: for private emails my favourite open-source mail
>> client (that my company doesn't feel that it is trusted enough) and "company
>> approved" mail client for company emails. And of course I would like to
>> specify that these two email clients should be able to access only a private
>> key from corresponding key pair for signing.
>>
>> I can think of quite many use cases like that.
>>
>> Are there any plans/desires to have such functionality supported in Gnome
>> Keyring? It isn't listed in architecture goals and plans and that's why I am
>> interested to ask.
>>
>> Best Regards,
>> Elena.
>>
>>
>> _______________________________________________
>> gnome-keyring-list mailing listgnome-keyring-list@gnome.orghttp://mail.gnome.org/mailman/listinfo/gnome-keyring-list
>>
>>
>>
>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]